[Git][security-tracker-team/security-tracker][master] CVE-2022-21704/node-log4js fixed in unstable
Neil Williams (@codehelp)
codehelp at debian.org
Thu Feb 3 14:35:39 GMT 2022
Neil Williams pushed to branch master at Debian Security Tracker / security-tracker
Commits:
97096f2a by Neil Williams at 2022-02-03T14:35:14+00:00
CVE-2022-21704/node-log4js fixed in unstable
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -14396,7 +14396,11 @@ CVE-2022-21706
CVE-2022-21705
RESERVED
CVE-2022-21704 (log4js-node is a port of log4js to node.js. In affected versions defau ...)
- TODO: check
+ - node-log4js 6.4.1+~cs8.3.5-1
+ NOTE: https://github.com/log4js-node/log4js-node/pull/1141 (v6.4.1)
+ NOTE: https://github.com/log4js-node/streamroller/pull/87
+ NOTE: https://github.com/log4js-node/log4js-node/security/advisories/GHSA-82v2-mx6x-wq7q
+ NOTE: https://github.com/log4js-node/log4js-node/blob/v6.4.0/CHANGELOG.md#640
CVE-2022-21703
RESERVED
CVE-2022-21702
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/97096f2a8f5e7abf56bed76347236ef649c7f60d
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/97096f2a8f5e7abf56bed76347236ef649c7f60d
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220203/b707e784/attachment.htm>
More information about the debian-security-tracker-commits
mailing list